GDPR is Driving the Need for Data Governance

The true value of data governance lies in leveraging the strategic value of data as an asset. However, due to a lack of common definition, understanding and ownership of the data governance function, organizations haven’t yet been able to exploit their data for competitive advantage. This scenario is set to change. We are finding that the GDPR is putting data governance higher up on the corporate agenda. With the countdown to May 2018 already begun, this regulation is serving as a wake-up call to organizations. A maximum fine for non-compliance at four per cent of an organization’s worldwide turnover is substantial enough to make any corporate take heed.

Spreadsheets, which are widely used in business for storing and manipulating data, pose one of the biggest risks to GDPR compliance. For example, given that in organizations numerous Excel workbooks, each with multiple worksheets and copious number of cells, is typical; the task of ensuring that these mammoth files comply with the various GDPR requirements – including the right to be forgotten, data portability, and anonymisation and pseudonymisation of personal information – is no easy task.

The challenge for GDPR compliance is compounded for organizations as there’s no prescriptive or rules-based approach advocated by the regulators. They are demanding that organizations opt for a best practice-led approach to continuous governance. Consequently, organizations need technology to make true data governance a reality.

A technology-led approach to spreadsheet management can help organizations to establish and automate end-to-end processes to ensure data quality and governance. It can enable organizations to identify the spreadsheets that contain the private and confidential records of individuals and categorise them based on the risks they pose to the business. By way of example, a spreadsheet containing national insurance numbers of employees or client data pertaining to the ‘Know Your Customer’ requirement would be a high-risk file compared to one with sporadic entries of personal records. Those spreadsheets can then be actively monitored for change management to ensure they comply with internal and external spreadsheet usage policies, which is key component of the larger data governance initiative. Furthermore, spreadsheet management technology can also institute auditable security controls to detect anomalous behaviour in near real-time.

Extending such an approach across the organization will greatly assist with compliance with many other regulations too including IFRS 9, Solvency II, MiFID II, BCBS239 and so on. It is then that organizations will truly establish processes for organization-wide data governance and reap its benefits for informed business decision making and competitive advantage.

Get in touch

Let's talk about how ClusterSeven can increase transparency and control around your spreadsheets and give you confidence in your business critical processes and the accuracy of your data empowering you to make informed business decisions.